TrueCloudLab/frostfs-rest-gw
Archived
16
0
Fork 5
Code Issues 2 Pull requests 1 Projects Releases Activity Actions

[#73] Add missed CORS

Browse source 
Allow X-Bearer-For-All-Users, X-Bearer-Lifetime headers.
Add CORS to /auth/bearer route.

Signed-off-by: Denis Kirillov <denis@nspcc.ru>
This commit is contained in:
Denis Kirillov 2022-10-06 17:40:14 +03:00 committed by Alex Vanin
parent b2fdb8c5f8
commit feaea15aa7
8 changed files with 247 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

8
handlers/preflight.go
View file

@ -8,7 +8,7 @@ import (
const (
allOrigins = "*"
allowMethods = "PUT, DELETE"
allowHeaders = "X-Bearer-Owner-Id, X-Bearer-Signature, X-Bearer-Signature-Key, Content-Type, Authorization"
allowHeaders = "X-Bearer-For-All-Users, X-Bearer-Lifetime, X-Bearer-Owner-Id, X-Bearer-Signature, X-Bearer-Signature-Key, Content-Type, Authorization"
)
func (a *API) OptionsAuth(operations.OptionsAuthParams) middleware.Responder {
@ -17,6 +17,12 @@ func (a *API) OptionsAuth(operations.OptionsAuthParams) middleware.Responder {
WithAccessControlAllowHeaders(allowHeaders)
}
func (a *API) OptionsAuthBearer(operations.OptionsAuthBearerParams) middleware.Responder {
return operations.NewOptionsAuthBearerOK().
WithAccessControlAllowOrigin(allOrigins).
WithAccessControlAllowHeaders(allowHeaders)
}
func (a *API) OptionsObjectSearch(operations.OptionsObjectsSearchParams) middleware.Responder {
return operations.NewOptionsObjectsSearchOK().
WithAccessControlAllowOrigin(allOrigins).